# -*- coding: utf-8 -*-
# Created by liangfuting on 2020/8/24
# Copyright (c) 2020 liangfuting. All rights reserved.
from django.contrib.auth.hashers import make_password,check_password
from django.shortcuts import render,redirect,HttpResponse,reverse
from web.models import UserInfo
# from django.contrib.auth import get_user_model
# User=get_user_model()
from rbac.service.init_permission import init_permission


def login(request):

    if request.method=="POST":
        user=request.POST.get('user')
        pwd=request.POST.get('pwd')
        user=UserInfo.objects.filter(name=user).first()
        # print(user)
        # print(check_password(pwd,user.password))
        if not user:
            return render(request, 'login.html', {'msg': '用户不存在'})
        if not check_password(pwd,user.password):
            return render(request,'login.html',{'msg':'密码错误'})
        request.session['user_info']={'id':user.id,'nickname':user.nick_name}
        # print(request.session['user_info'])
        #初始化权限信息
        init_permission(user,request)
        return redirect(reverse('index'))
    return render(request,'login.html')

def logout(request):
    request.session.delete()
    return redirect(reverse('login'))

def index(request):
    return render(request,'index.html')


